[英]Problems with authentication on node-soap
Thank you for taking the time to read this, 感谢您抽出时间来阅读,
I have a little problem with node-soap, so basically I'm trying to verify the identity of the client before sending back a response, after following the documentation I found the server.authenticate function. 我对节点肥皂有一点问题,因此基本上,在按照文档找到了server.authenticate函数之后,我试图在发送响应之前验证客户端的身份。
server.authenticate = async function (security: any) {
const binarySecurityTokenAsBase64String = security.BinarySecurityToken.$value;
const pemKeyFromRequestAsString = "-----BEGIN CERTIFICATE-----" + "\n" + binarySecurityTokenAsBase64String.replace(/(.{64})/g, "$1\n") + "\n" + "-----END CERTIFICATE-----";
const success = await validateCertificate(pemKeyFromRequestAsString);
if (success) {
return true;
} else {
winston.warn("Failed to validate Certificate - Either Certificate Verification with CA Chain Failed or the system encountered an error");
return false;
}
};
That's where I do my verification business and return true or false based on the result: 那是我进行验证业务并根据结果返回true或false的地方:
const success = await validateCertificate(pemKeyFromRequestAsString);
My problem is, no matter what is the result, I still get the response back, on the logs, everything is fine and confirm that the verification failed, maybe this because of Async/Sync stuff.. I'm really new to Javascript/Typescript World, any help would be greatly appreciated. 我的问题是,无论结果如何,我仍然会在日志中返回响应,一切都很好,并确认验证失败,这可能是由于异步/同步问题造成的。 Typescript World,任何帮助将不胜感激。
Here is my a preview of my code: 这是我的代码预览:
try {
const myService = {
Calculate_Service: {
Calculate_Port: {
multiply: function(args, callback) {
const a = 1;
try {
winston.debug("Reached the multiply Function");
const n = args.a * args.b;
callback({
multiplicationResult : n
});
} catch (e) {
winston.error(e);
throw {
Fault: {
Code: {
Value: "soap:Sender",
Subcode: { value: "rpc:BadArguments" }
},
Reason: { Text: JSON.stringify(e) },
statusCode: 500
}
};
}
},
}
}
}
const xml = fs.readFileSync(AppConfiguration.responseServerWsdlPath, "utf8");
app.use(bodyParser.raw({
type: function () {
return true;
}, limit: "5mb"
}));
app.listen(port, async function () {
winston.info("Express server listening on port " + port);
const server = ArcNodeSoap.listen(app, "/calculatorService", myService, xml);
server.authenticate = async function (security: any) {
const binarySecurityTokenAsBase64String = security.BinarySecurityToken.$value;
const pemKeyFromRequestAsString = "-----BEGIN CERTIFICATE-----" + "\n" + binarySecurityTokenAsBase64String.replace(/(.{64})/g, "$1\n") + "\n" + "-----END CERTIFICATE-----";
const success = await validateCertificate(pemKeyFromRequestAsString);
if (success) {
return true;
} else {
winston.warn("Failed to validate Certificate - Either Certificate Verification with CA Chain Failed or the system encountered an error");
return false;
}
};
server.log = function (type, data) {
winston.debug("type: " + type);
winston.debug(JSON.stringify(data));
};
server.on("headers", function (headers, methodName) {
//More debug stuff;
winston.debug("****** HEADERS **********");
winston.debug(JSON.stringify(headers));
winston.debug("methodName: " + methodName);
winston.debug("*************************")
});
});
} catch (err) {
winston.error(err);
}
I appreciate the time guys, thank you! 谢谢你们的宝贵时间,谢谢!
I finally fixed my problem, if anyone has the same problem with the async/sync code: I fixed it by using the Async method from the documentation 我终于解决了我的问题,如果有人对异步/同步代码有同样的问题:我通过使用文档中的Async方法解决了它
server.authenticate = function (security: any, callback): any {
//Get the Binary Security Token coming from the request as a Base 64 String
const binarySecurityTokenAsBase64String = security.BinarySecurityToken.$value;
//Creating a new certificate with header, footer and line breaks from the binarySecurityTokenAsBase64String
const pemKeyFromRequestAsString = "-----BEGIN CERTIFICATE-----" + "\n" + binarySecurityTokenAsBase64String.replace(/(.{64})/g, "$1\n") + "\n" + "-----END CERTIFICATE-----";
//Validate the certificate
//This is an async wrapper where I added all my verification steps;
validateCertificateWrapper(pemKeyFromRequestAsString).then((authorized: boolean) => {
//If the certificate is valid
if (authorized) {
winston.info("Verification successfully Passed");
return callback(true);
} else { //If the certificate is invalid
winston.error("Failed to validate Certificate");
return callback(false);
}
}, () => {
winston.error("Failed to validate Certificate");
return callback(false);
} );
};
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.